This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/702b28-e158-40c0-8330-24fddc6d147b/1/6USQ73XXsQADDlfFBQNXc85exUE.roa
File:                     6USQ73XXsQADDlfFBQNXc85exUE.roa (raw, json)
Hash identifier:          XmLK0DybWGoRs5MTUY2Nj2ixVMkyxHtj6DtfEJI8ixE=
Subject key identifier:   E9:44:90:EF:75:D7:B1:00:03:0E:57:C5:05:03:57:73:CE:5E:C5:41
Certificate issuer:       /CN=1c7b06bf41300dc4d30f3d0e180c9b95d2bcddff
Certificate serial:       019B79ECF31A927DA69FD570A308CAEE3815
Authority key identifier: 1C:7B:06:BF:41:30:0D:C4:D3:0F:3D:0E:18:0C:9B:95:D2:BC:DD:FF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HHsGv0EwDcTTDz0OGAybldK83f8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5a/702b28-e158-40c0-8330-24fddc6d147b/1/6USQ73XXsQADDlfFBQNXc85exUE.roa
Signing time:             Thu 01 Jan 2026 14:18:50 +0000
ROA not before:           Thu 01 Jan 2026 14:18:50 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     203671
IP address blocks:        147.78.216.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5a/702b28-e158-40c0-8330-24fddc6d147b/1/HHsGv0EwDcTTDz0OGAybldK83f8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5a/702b28-e158-40c0-8330-24fddc6d147b/1/HHsGv0EwDcTTDz0OGAybldK83f8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HHsGv0EwDcTTDz0OGAybldK83f8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 26 Jan 2026 22:00:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:79:ec:f3:1a:92:7d:a6:9f:d5:70:a3:08:ca:ee:38:15
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1c7b06bf41300dc4d30f3d0e180c9b95d2bcddff
        Validity
            Not Before: Jan  1 14:18:50 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=e94490ef75d7b100030e57c505035773ce5ec541
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:88:e9:b4:1e:a5:57:70:1f:09:8d:8c:4a:f6:f4:
                    6d:f6:47:4d:a5:b9:e7:50:87:15:fb:e2:2b:1a:f2:
                    e6:66:ae:c0:d3:72:09:a0:2d:d0:3f:ea:40:3d:77:
                    5d:bb:f6:d9:65:f0:4e:1a:a3:12:01:1d:ca:9f:da:
                    0f:e9:32:1f:31:df:a8:a5:37:cd:5a:67:79:ba:7a:
                    48:e1:11:16:a0:50:25:f0:99:06:92:bc:8c:ab:b9:
                    1c:25:89:23:d1:3a:ca:82:99:cc:ab:49:5d:4b:b9:
                    2c:c0:3b:bc:fc:5b:8b:a7:74:78:32:be:7c:ac:0c:
                    c7:ae:0c:a4:94:ca:79:4a:cc:48:60:71:8d:7c:d4:
                    60:8c:c6:dd:d1:9e:db:ab:dc:2f:12:bc:93:f5:91:
                    de:3e:24:ef:a8:44:42:8f:51:35:06:97:e4:07:c2:
                    b7:67:3c:08:d8:0f:f6:f2:4d:3d:15:94:0d:ff:fa:
                    00:2d:40:1a:73:2b:3a:28:36:70:c3:0e:56:73:db:
                    46:af:d8:e1:f3:c8:27:26:45:42:75:08:4c:fb:0a:
                    c3:73:84:f6:9f:8a:fb:b3:43:66:b7:f8:ea:d7:7e:
                    ff:96:51:b2:e5:ee:c5:72:12:50:57:fd:5f:13:44:
                    57:d6:1d:ff:b7:ab:ff:d1:bd:b5:b6:ed:35:29:7d:
                    56:b1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E9:44:90:EF:75:D7:B1:00:03:0E:57:C5:05:03:57:73:CE:5E:C5:41
            X509v3 Authority Key Identifier:
                keyid:1C:7B:06:BF:41:30:0D:C4:D3:0F:3D:0E:18:0C:9B:95:D2:BC:DD:FF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HHsGv0EwDcTTDz0OGAybldK83f8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/702b28-e158-40c0-8330-24fddc6d147b/1/6USQ73XXsQADDlfFBQNXc85exUE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/702b28-e158-40c0-8330-24fddc6d147b/1/HHsGv0EwDcTTDz0OGAybldK83f8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  147.78.216.0/24

    Signature Algorithm: sha256WithRSAEncryption
         42:21:c2:be:a3:a2:8c:7a:5b:c2:f7:2d:8b:99:87:b8:3c:d1:
         52:18:96:fd:d4:2e:51:4d:fe:15:8f:2f:b3:c8:e9:59:25:f7:
         29:fd:ba:19:d0:82:28:dc:fd:a6:39:99:a7:f6:07:ae:6b:e3:
         9e:ca:64:08:5c:a8:41:09:9e:29:f0:b5:5b:85:30:48:db:f5:
         10:21:12:bb:b6:d0:d4:b5:78:a5:da:58:5f:8e:0d:3d:ed:27:
         90:91:43:ee:d7:96:fd:96:9b:6f:12:f9:63:49:b8:df:be:e9:
         65:f4:5e:b8:36:e1:9a:f3:45:55:91:73:63:6c:1a:66:b1:1d:
         a9:f2:46:ff:5a:69:cb:b2:44:95:4c:2b:0a:38:d6:31:e1:1c:
         85:29:d5:c7:2b:96:a3:b8:4b:bd:85:9d:85:23:d8:14:ca:ef:
         0d:4d:7f:14:86:61:5e:f8:ac:15:6a:6c:a4:90:84:82:81:0e:
         67:4d:e1:cf:fe:b2:b5:a3:02:93:6d:13:25:ef:a2:40:1f:a9:
         c2:bf:31:ce:d9:a7:b8:79:74:fc:a9:37:84:5e:22:f4:c2:49:
         5a:f7:51:17:61:aa:ed:ea:86:7b:03:35:c5:7a:91:bf:5a:49:
         4a:d2:6c:5e:5e:bb:12:9e:1e:36:f0:49:d3:2a:d9:94:2c:42:
         aa:b5:e2:c7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt57PMakn2mn9VwowjK7jgVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjN2IwNmJmNDEzMDBkYzRkMzBmM2QwZTE4MGM5Yjk1ZDJi
Y2RkZmYwHhcNMjYwMTAxMTQxODUwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOTQ0OTBlZjc1ZDdiMTAwMDMwZTU3YzUwNTAzNTc3M2NlNWVjNTQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiOm0HqVXcB8JjYxK9vRt9kdNpbnn
UIcV++IrGvLmZq7A03IJoC3QP+pAPXddu/bZZfBOGqMSAR3Kn9oP6TIfMd+opTfN
Wmd5unpI4REWoFAl8JkGkryMq7kcJYkj0TrKgpnMq0ldS7kswDu8/FuLp3R4Mr58
rAzHrgyklMp5SsxIYHGNfNRgjMbd0Z7bq9wvEryT9ZHePiTvqERCj1E1BpfkB8K3
ZzwI2A/28k09FZQN//oALUAacys6KDZwww5Wc9tGr9jh88gnJkVCdQhM+wrDc4T2
n4r7s0Nmt/jq137/llGy5e7FchJQV/1fE0RX1h3/t6v/0b21tu01KX1WsQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOlEkO9117EAAw5XxQUDV3POXsVBMB8GA1UdIwQY
MBaAFBx7Br9BMA3E0w89DhgMm5XSvN3/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEhzR3YwRXdEY1RURHowT0dBeWJsZEs4M2Y4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS83MDJiMjgtZTE1OC00MGMwLTgzMzAt
MjRmZGRjNmQxNDdiLzEvNlVTUTczWFhzUUFERGxmRkJRTlhjODVleFVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS83MDJiMjgtZTE1OC00MGMwLTgzMzAtMjRmZGRjNmQxNDdi
LzEvSEhzR3YwRXdEY1RURHowT0dBeWJsZEs4M2Y4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAk07YMA0G
CSqGSIb3DQEBCwUAA4IBAQBCIcK+o6KMelvC9y2LmYe4PNFSGJb91C5RTf4Vjy+z
yOlZJfcp/boZ0IIo3P2mOZmn9geua+OeymQIXKhBCZ4p8LVbhTBI2/UQIRK7ttDU
tXil2lhfjg097SeQkUPu15b9lptvEvljSbjfvull9F64NuGa80VVkXNjbBpmsR2p
8kb/WmnLskSVTCsKONYx4RyFKdXHK5ajuEu9hZ2FI9gUyu8NTX8UhmFe+KwVamyk
kISCgQ5nTeHP/rK1owKTbRMl76JAH6nCvzHO2ae4eXT8qTeEXiL0wkla91EXYart
6oZ7AzXFepG/WklK0mxeXrsSnh428EnTKtmULEKqteLH
-----END CERTIFICATE-----